Cisco Nexus 9000 Series APIC Access Control Vulnerability (CSCut12998)

High severity; Nessus Plugin ID 88717

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco Nexus 9000 Series device is affected by an access control vulnerability in the Cisco Application Policy Infrastructure Controller (APIC) due to a flaw in the eligibility logic of the role-based access control (RBAC) code. An authenticated, remote attacker can exploit this, via specially crafted representational state transfer (REST) requests to the APIC, to make configuration changes outside of allowed access privileges.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCut12998.

See Also

http://www.nessus.org/u?73afdd7b

https://tools.cisco.com/bugsearch/bug/CSCut12998

Plugin Details

Severity: High

ID: 88717

File Name: cisco-sa-20160203-apic.nasl

Version: 1.8

Type: combined

Family: CISCO

Published: 2/12/2016

Updated: 11/20/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2016-1302

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os, cpe:/h:cisco:nexus_9000

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device

Exploit Ease: No known exploits are available

Patch Publication Date: 2/3/2016

Vulnerability Publication Date: 2/3/2016

Reference Information

CVE: CVE-2016-1302

BID: 82549

CISCO-SA: cisco-sa-20160203-apic

CISCO-BUG-ID: CSCut12998